ECPC visiting fellows

Paul Breitbarth is a privacy lawyer from the Netherlands. He currently works as Data Protection Lead for Catawiki, the leading online auction marketplace to buy and sell special objects. In addition, Paul works as Senior Visiting Fellow at Maastricht University’s European Centre on Privacy and Cybersecurity, and serves as Member of the Data Protection Board of the European Patent Office. He is a regular speaker on webinars and at conferences, and co-hosts the Serious Privacy podcast. 

Previously, Paul worked both in the public and private sector in multiple privacy roles, including at TrustArc, Nymity and the Dutch Data Protection Authority. He was an active member of various Article 29 Working Party subgroups, co-authoring opinions on the data protection reform, surveillance, the Privacy Shield and others. In 2015, he organized the International Privacy Conference in Amsterdam. Paul holds a Master of Laws from Maastricht University in the Netherlands.

Dr. Maja Brkan serves as Judge at the General Court of the European Union. She is a Visiting Fellow of the European Centre on Privacy and Cybersecurity and Distinguished Fellow of Maastricht Centre for European Law. She was Associate Professor of European Union Law at Maastricht University (2018-2021) and Assistant Professor at the same university (2013-2018), as well as Associate Director of the Maastricht Centre for European Law (2017-2020). Prior to her academic appointment, she served as a legal advisor (référéndaire) at the Court of Justice of the EU (2007-2013).

She holds a Bachelor of Laws from the University of Ljubljana (2003), a Master of Laws from the University of New York (2004) and a PhD from the University of Ljubljana (2007). She is also a holder of a prestigious Diploma of the Academy of European Law from the European University Institute in Florence and was awarded the prize “Young Lawyer of the Year 2007” from the Union of Lawyers’ Associations in Slovenia.

Dr. Brkan has published widely in numerous areas of European law. Her recent research focuses on EU fundamental rights, particularly on privacy and data protection, on legal questions of artificial intelligence, as well as on the impact of new technologies on society. Her research approach seeks to analyse these fields from the perspective of theoretical underpinnings of EU fundamental rights and from the viewpoint of the interplay with other fields, such as private international law and consumer protection law in the EU. On these topics, she lectured at various conferences and universities across Europe and beyond, including Yale University, Oxford University and Beijing Normal University. She has also been a visiting researcher at the European University Institute, at the University of California –  Berkeley and at the University of Ljubljana. Her notable publications include a core Slovenian textbook on EU law (co-authored with Professor Dr. Verica Trstenjak), a monograph on EU external relations and two edited volumes on data protection in the digital environment and procedure before the EU courts, respectively. She is also a member of the editorial boards of scholarly journals, including European Data Protection Law Review and EU Law Live.

She speaks Slovenian (mother tongue), English, French, German and Dutch.

Mika Lauhde

Before operating as Head of Technology, Delegation of Cyberspace, ICRC - International Committee of Red Cross, he worked at Huawei Technologies as Vice-Prseident Cyber Security & Privacy, Global Public Affairs and 65Security; an expert house in Cyber security services for authorities, Law-enforcement, courts, law firms and companies needing advanced Security services. Prior joining 65Security he worked in SSH Communications Security as VP, Government Relations and Business Development. Engaging governments, industry partners, and product- and service users on important security and privacy issues such as critical infrastructure protection, compliancy, software assurance, risk and identity management. In Nokia Corporation, Mika Lauhde headed Business Security and Continuity, where he was accountable of Government Relations in Cyber Security area, Criminal compliancy and forensic, Nokia wide crisis management as well terminal and manufacturing related security tool manufacturing.

 Mika has an extensive experience with cyber security related topics and governmental institutions both in Europe and USA. Currently he is a Member of ENISA (European Network and Information Security Agency) Permanent Stakeholder Group and Europol Cyber security and privacy adviser as well Visiting lecturer, Maastricht University, Centre of Data protection and Cyber Security (2017-); Member of ENISA (European Network and Information Security Agency) PSG (2009 – ); Europol Cyber Security Advisor (2016 – ) Europol Privacy Expert (2015 -); Visiting lecturer, Maastricht University, Centre of Data protection and Cyber Security (2017-); Member of Loueven University European Crypto Task Force (2014 – ); Founding Member and Board Member of TDL (Trust in Digital Life) (2010 – 2013 ) (Part of the European Cyber Security Strategy plan 2013); Member of EU government security advisory board RISEPTIS, reporting to Commissar Redding),  (2007-2009); Member of Finnish government ICT security advisory board (2007 – 2010); Member of UK government critical infrastructure protection group CPNI (2005 – 2009)

Christopher Kuner is professor of law at the Vrije Universiteit Brussel (VUB) in Brussels, Belgium, and co-director of the Brussels Privacy Hub, a legal research centre at the VUB. He is also an affiliated lecturer at the University of Cambridge, and a Visiting Professor at the London School of Economics and Political Science.

The author of numerous books and articles, Dr. Kuner is editor-in-chief of the law journal International Data Privacy Law published by Oxford University Press. He has participated in the work of numerous international organizations, and has taught courses at the summer session of the Hague Academy of International Law and at the summer school of the Academy of European Law in Florence.

Giovanni Comandé (LLM Harvard Law School, Ph.D. Scuola Superiore Sant’Anna) is Full Professor of Private comparative law at Scuola Superiore Sant’Anna where he also studied as ordinary student. Since 1995 he has been a lawyer, included in the special roll for university teachers in Pisa and Attorney at law (New York Bar, since 1997). A mediator at Organismo Conciliazione Pisa and mediation trainer, he taught in and visited numerous universities (Washington and Lee School of Law; Université Laval; Fordham School of Law; Université Panthéon Assas Paris II, Faculté de Droit ; Hebrew Univeristy, Jérusalem; Wake Forrest University School of Law; University of South Carolina School of Law). He is an elected member and advisor for various projects to the American Law Institute (for ex. concerning Information Privacy Principles) member of the European Law Institute (ELI), of the European Group on Tort Law and of the European Centre of Tort and Insurance Law, Vienna. He works in Italian, English, Spanish and French. He directs the Interdisciplinary and Comparative Research lab where he leads, among else, the "Rights, Information, Governance, Health, Technology, Sciences in the Classifying society" project. He teaches "Legal issues in Data Science" at UNIPI.

His areas of competence includes: comparative law, data protection law, law and technology, algorithm regulation, civil law in general, tort law, personal injury, European private law, health law, private law of public administration, product liability, A.D.R. (Alternative Dispute Resolution), American law, insurance law and technology regulation. He is also the founder and President of Smartlex, a Scuola Superiore Sant' Anna.

Massimo Marelli LL.B. (QMUL), LL.M (Cantab) is the Head of Data Protection Office at the International Committee of the Red Cross (ICRC)

Before taking this role at the ICRC headquarters in Geneva, Massimo held several positions as a Delegate in the field and legal adviser at the ICRC. Prior to joining the ICRC, Massimo worked as lawyer at the UK Office of Fair Trading, Referendaire at the EU General Court, and as Solicitor in private practice. Massimo is a member of the Brussels Privacy Hub Advisory Board, and with Dr. Christopher Kuner leads the Brussels Privacy Hub/ICRC “Data Protection and Humanitarian Action” working series.

Christopher Docksey, Honorary Director General of the European data protection Supervisor (EDPS)

He has been responsible for the coordination and implementation of policies and activities since 2010. He is a member of the English Bar and a law graduate of the Universities of Cambridge and Virginia. He has taught law at the Universities of Exeter and Washington and at the Marshall-Wythe School of Law. He was the Legal Adviser on data protection to the European Commission from 2001 to 2010. During this period he represented the Commission in the data protection cases before the European Court of Justice and advised on draft legislation and international negotiations on matters such as Safe Harbor, PNR and TFTP. Most recently he represented the EDPS in the Schrems proceedings before the Court.

Herke Kranenborg is a member of the European Commission’s Legal Service specialising in the field of privacy and data protection. In addition to advising client directorates-general in these areas, he represents the Commission in litigation before the EU Courts.

Previously, he worked at the Office of the European Data Protection Supervisor (EDPS). Herke is visiting fellow at the ECPC and, since 2010, affiliated senior researcher at the Institute for European Law of the K.U. Leuven. He has numerous national and international academic publications on EU law, in particular on data protection, privacy and fundamental rights in general. His PhD thesis, on the subject of EU data protection and public access to documents, was awarded by the Europa Institute of the University of Leiden (2007). In August 2018, together with prof. Luc Verhey, Herke published a monograph on the General Data Protection Regulation (GDPR): De Algemene Verordening Gegevensbescherming in Europees en Nederlands perspectief.

Leena Kuusniemi, Legal Advisor at Leegal Oy and Former Senior Legal Counsel, Rovio Entertainment

Leena supported Rovio’s technology R&D, cloud services, patent initiatives and technology co-operation initiatives, and is responsible for all privacy and regulatory matters globally. Before joining Rovio in 2012, Leena was with Nokia for ten years, mainly supporting Nokia’s device R&D, online services, data security and privacy. Prior to Nokia, she was a legal counsel at Remedy and started her career as an attorney and litigator. Leena has participated into numerous legal working groups and lectured widely in various seminars and universities.

Fernando Silva, Portuguese National Data Protection Supervisory Inspector/Auditor with more than 20 years of experience conducting Technical audits on compliance with data protection regulatory framework along with data breaches incident investigations.

Worked as Data Protection Officer at eu-LISA – European Agency for the Operational Management of large-scale IT Systems in the Area of Freedom, Security and Justice and Technical advisor to the DPO at Eurojust for the last 6 years at EU level.
Graduated as Computer Science and Electronics Engineer, started worked in the Data Protection Field since end 1995 at the Portuguese National Data Protection Authority, where integrated several teams on audits to European Agencies in the area of freedom, security and justice.
Certified DPO by EIPA, Certified Information Privacy Professional by IAPP and Certified GIAC Systems and Network Auditor (GSNA) by SANS along with other certifications in the ISO27000 family.
Deep knowledge on the Legal Framework for the Protection of the Information Environment, on the requirements Imposed by the GDPR Regulation. Depth knowledge of privacy principles, GDPR (Regulation 2016/679, Regulation 1725/2018), Data Protection Impact Assessments and Compliance audit.
Regular expert at various seminars notably about data protection, audits and IT Security fields.

Daniel Drewer is Data Protection Officer and Head of the Data Protection Function at Europol.

Daniel Drewer grew up in Hamburg and Moscow. He holds a Master of Law from the University of Hamburg. Prior to starting his further professional education at the Hanseatic Court in Hamburg, Daniel Drewer worked as a contract lawyer for a media group in Hamburg.

He joined the Legal Service at Europol in 2003. He went on to become Confidentiality Officer with responsibilities in the area of data security, security clearances, handling of classified information and was Secretary to the Europol Security Committee.

In 2007 he was selected as Head of the Information Integrity Unit, responsible for data protection and data security compliance.  In 2010 the Europol Management Board appointed him as Data Protection Officer and Head of Europol’s Data Protection Unit.

In 2015 he founded the Europol Data Protection Experts Network (EDEN). The EDEN community consist of 600 + active members from law enforcement, industries, academia and non-governmental organisations. He chairs the annual EDEN conferences.

Daniel Drewer contributes as speaker to international data protection conferences and seminars, including CPDP, the MIS Annual Audit conference, the European Institute for Public Administration (EIPA) and the Summer courses on criminal law and data protection law at the Academy for European Law (ERA).

Since 2021 he is member of the CEPOL Expert Group on Fundamental Rights.

Dr. Gabriela Zanfir-Fortuna is the Vice President for Global Privacy at the Future of Privacy Forum, a think tank based in Washington DC with offices in Brussels, Tel Aviv and Singapore, where she leads the work on Global privacy developments and counsels on EU data protection law and policy, working with all FPF’s offices and partners around the world.

Gabriela currently serves as a member of the Reference Panel of the Global Privacy Assembly, and she is also a member of the Executive Committee of the ACM FAccT (Fairness, Accountability and Transparency) Conference, since 2021. She is also an associated researcher with the Law, Science, Technology and Society Center at Vrije Universiteit Brussel. As a data protection and privacy law expert, Gabriela testified for the US Federal Trade Commission on data portability and for the European Parliament’s LIBE Committee on the EU’s proposed Data Governance Act. Prior to moving to the US in 2016, she worked for the European Data Protection Supervisor in Brussels, being part of the team that advised the EU legislator on the GDPR during its legislative process. She dealt with both enforcement and policy matters, was a member of the EDPS litigation team, as well as actively participated in the work of the Article 29 Working Party. She worked on the assessments of both the draft EU-US Privacy Shield and the draft EU-US Umbrella Agreement during her time at the EDPS and the Article 29 Working Party.

Gabriela holds a PhD in law (2013, University of Craiova) with a thesis on the rights of the data subject from the perspective of their adjudication in civil law and an LLM in Human Rights (2010), after obtaining her law degree at the same university (2009). She is a contributor-author to ‘The EU General Data Protection Regulation – A Commentary‘, edited by C. Kuner, C. Docksey and L.A. Bygrave, Oxford University Press, 2020 (on Articles 13, 14, 15, 21 and 82). She is also the author of the volume ‘Protecția Datelor Personale. Drepturile Persoanei Vizate‘, C.H. Beck, Bucharest, 2015.

Juraj Sajfert is a doctoral candidate at the Vrije Universiteit Brussel (VUB) and the University of Luxembourg. He carries out a joint research project in Netherlands, Belgium and Luxembourg called 'Making transparent invisible surveillance: Digital investigatory measures in Benelux and their compatibility with EU data protection law'. He is also teaching a variety of data protection courses for academia and professionals, particularly in the area of law enforcement, and EU institutions and bodies.

Previously, he spent more than five years working for the Data Protection Unit of DG Justice and Consumers at the European Commission, moving from the position of a case-processing lawyer at the European Court of Human Rights. Juraj has been closely involved in the process of drafting and negotiating the new EU data protection legislation, particularly focusing on the Law Enforcement Directive, the Data Protection Regulation for Union institutions and bodies and data protection rules for the European Public Prosecutors’ Office and Eurojust.